Skip to content

General Information

Job ID
31404
Location
Pune, India
Work Types
Full Time
Categories
Information Technology

We never ask for any kind of payment as part of our selection process, and we always contact candidates via our corporate accounts and platforms. If you are approached for payment or asked to make a purchase, this is likely to be fraudulent. Please check to see whether the role you are interested in is posted here, on our website.



About TMF Group

TMF Group is a leading provider of administrative services, helping clients invest and operate safely around the world. As a global company with 11,000+ colleagues based in over 125 offices across 87 jurisdictions, we actively seek out people with the talent and potential to flourish at TMF Group, whatever their background, and offer job opportunities to the broadest spectrum of people. Once on board, we nurture and promote talented individuals, ensuring that senior positions are open to all.



Discover the Role

The Assistant Manager, Third Party Risk Management, is primarily responsible for developing and managing a third-party risk management process that tracks third-party risks. Work directly with the Manager – Third Party Risk Management and the CISO/CSRO Office team to define issues and information needs and translate them into implementable technical enhancements to the TPRM Program. Deliver reporting for the Overall TPRM Program.

Employ the analytics features to compile and synthesize data to make grounded recommendations to assess and protect against risk exposure to guide decision making to advise the business with respect to TPRM.Champion and execute updates to the existing reporting and technology framework to reduce risk and enhance efficiency. Oversee and make recommendations about additional add-on features. Assess the Information Security posture of third parties (Sub-contractors and vendors), including their IT applications in the scope of the service provided to TMF, at the time of contracting their service and periodically thereafter.

The resource is also responsible for assessing information security risks from third parties and specifying appropriate technical and organizational controls to address the risks to be formally included in the contract with the third parties. The incumbent will check the compliance of the third parties to the specified security requirements on an annual basis / or as and when required by conducting reassessments/audits.


Key Responsibilities
  • Review and maintain Third Party Risk Assessment procedure and assessment questionnaire.
  • Review third party responses and ensure required controls are in place. Identify gaps and raise them with sponsors for resolution
  • Identify technical and organisational measures / security controls that need to be included in the contract with the third party.
  • Maintain an inventory of onboarded third parties, along with key contact personnel, and rate them based on access level / risk level / criticality level
  • Conduct periodic (annual) reassessments to verify / validate the security posture of the vendor and compliance to the agreed security controls
  • Share details of vulnerabilities that may affect the applications provided by the vendor and check if the vulnerabilities are remediated in a timely manner.

Key Requirements

The Candidate needs to possess strong technical and soft skills, as highlighted below:

  • The ideal candidate should have a Computer Science Education – Bachelor’s or master’s degree
  • The candidate should have 5- 8 years of relevant work experience in Information Security, with third party risk management as a primary responsibility.
  • ISO 27001 /ISMS Standard.
  • ISO 31000 Standard / risk assessment
  • Knowledge of security frameworks like NIST Cyber Security Framework and regulations such as GDPR, DORA etc. would be an added advantage
  • Understanding of security in relation to compliance with local legislations and regulations
  • Excellent interpersonal skills. Ability to connect with and communicate appropriately across junior to senior-level staff
  • Excellent written and spoken skills in English. Knowledge of Spanish, Portuguese or any other foreign language would be an added advantage


General Skills Requirement

  • Attention to detail
  • Good understanding of the business
  • Ability to work with minimum supervision
  • Ability to work under stress
  • Sense of responsibility

What’s in it for you?

Pathways for career development

  • Work with colleagues and clients around the world on interesting and challenging work;
  • We provide internal career opportunities so you can take your career further within TMF;
  • Continuous development is supported through global learning opportunities from the TMF Business Academy.

 

Making an impact

  • You’ll be helping us to make the world a simpler place to do business for our clients;
  • Through our corporate social responsibility programme, you’ll also be making a difference in the communities where we work.

 

A supportive environment

  • Strong feedback culture to help build an engaging workplace;
  • Our inclusive work environment allows you to work from our offices around the world, as well as from home, helping you find the right work-life balance to perform at your best.

 

Other Benefits

  • Anniversary & Birthday Leave policy
  • Be part of One TMF
  • Paternity & Adoption leaves
  • Salary advance policy
  • Work flexibility – Hybrid work model
  • Talk about growth opportunities (we invest in talent)
  • Well-being initiatives



We’re looking forward to getting to know you!